From aa9633b4358c571e58710dba5330f72f7f893304 Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Mon, 29 Aug 2022 11:36:16 +0000
Subject: nat: T4367: Move nat rules from /tmp to /run/nftables_nat.conf

Move the nftables NAT configuration from /tmp to /run,
as is already done for other services such as firewall and conntrack.
Don't remove the config file '/run/nftables_nat.conf' after commit.
---
 src/conf_mode/nat.py | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py
index 85819a77e..a72e82a83 100755
--- a/src/conf_mode/nat.py
+++ b/src/conf_mode/nat.py
@@ -44,7 +44,7 @@ if LooseVersion(kernel_version()) > LooseVersion('5.1'):
 else:
     k_mod = ['nft_nat', 'nft_chain_nat_ipv4']
 
-nftables_nat_config = '/tmp/vyos-nat-rules.nft'
+nftables_nat_config = '/run/nftables_nat.conf'
 
 def get_handler(json, chain, target):
     """ Get nftable rule handler number of given chain/target combination.
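Review bot: Nothing in this diff sets the ownership or mode of `/run/nftables_nat.conf`, and with the unlink calls removed in the second hunk the file now persists between commits instead of existing only briefly. The code that writes the file is outside the visible hunks, so it is worth confirming that it creates the file root-owned and not group- or world-writable, since `apply()` feeds it straight to `nft -f`. A comment above the constant would record why the path left /tmp, for example `# kept under /run (not world-writable like /tmp) so the ruleset loaded by nft cannot be pre-created or swapped by a local user`. The body of get_handler continues outside the hunk.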
@@ -186,16 +186,12 @@ def generate(nat):
     # dry-run newly generated configuration
     tmp = run(f'nft -c -f {nftables_nat_config}')
     if tmp > 0:
-        if os.path.exists(nftables_nat_config):
-            os.unlink(nftables_nat_config)
         raise ConfigError('Configuration file errors encountered!')
 
     return None
 
 def apply(nat):
     cmd(f'nft -f {nftables_nat_config}')
-    if os.path.isfile(nftables_nat_config):
-        os.unlink(nftables_nat_config)
 
     return None
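Review bot: When the `nft -c` dry run in generate() fails, the rejected ruleset is now left at `/run/nftables_nat.conf`, the same path that holds the applied ruleset after a successful commit. Someone reading the file while troubleshooting or during incident response cannot tell whether it matches what is loaded in the kernel. Either render to a sibling path and rename it onto `nftables_nat_config` only after the check passes, or state the contract in a comment before the raise, such as `# file is kept for debugging; after a failed check it is NOT the active ruleset`. If `os` is no longer used elsewhere in nat.py, its import can presumably be dropped as well. generate() starts outside the hunk, so the render step is not visible here.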
 
-- 
cgit v1.2.3